
THAT WHICH IS CLAIMED: 



1. A method of controlling updates of a 
programmable memory of a device, the method comprising: 
providing an update window of predefined duration 
during which the programmable memory may be updated; 
5 and 

allowing updates of the programmable memory only 
during the update window. 



ug 2. A method according to Claim 1, wherein the 

is steps of providing an update window and allowing 

= t updates comprise the steps of: 

Ey allowing access to the programmable memory based 

s 5 on the state of an access latch; 

setting the access latch to allow access to the 
I* programmable memory after a hardware reset of the 

□ device; 

executing an update control program to control 
10 access to the programmable memory; and 

resetting the latch to prevent access to the 
programmable memory upon completion of the update 
control program. 



3. A method according to Claim 2, further 
comprising the steps of : 

allowing access to a memory where the update 
control program resides when the access latch allows 
5 access to the programmable memory; and 

preventing access to the memory where the update 
control program resides when the access latch prevents 
access to the programmable memory. 
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4. A method according to Claim 2, wherein the 
update control program further carries out the steps 
of: 

determining if an update of the programmable 
5 memory is available ; and 

updating the programmable memory if an update of 
the programmable memory is available. 

5 . A method according to Claim 4 , wherein the 
step of determining if an update of the programmable 
memory is available comprises examining at least one of 
a local memory location, a local drive, a network drive 

5 and an input device status to determine if an update is 

available . 

6. A method according to Claim 4, wherein the 
step of determining if an update of the programmable 
memory is available comprises examining persistent 
status information . 

7 . A method according to Claim 4 , wherein the 
step of updating the programmable memory comprises the 
steps of : 

obtaining an update image associated with the 
5 available update containing update data to be written 

to the programmable memory; 

obtaining installation information from the update 
image ; and 
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writing the update data to the programmable memory 
10 based on the installation information obtained from the 

update image . 



8. A method according to Claim 7, wherein the 
installation information comprises an install program 
and wherein the step of writing the update data to the 
programmable memory based on the installation 

5 information obtained from the update image comprises 

executing the install program to write the update data 
to the programmable memory . 

9. A method according to Claim 4, wherein the 
step of updating the programmable memory comprises the 
steps of : 

loading an update image associated with the 
5 available update into a temporary workspace; and 

updating the programmable memory from the loaded 
update image . 

10. A method according to Claim 4, further 
comprising the step of storing existing data from the 
programmable memory so as to provide a backup copy of 
the existing data from the programmable memory. 

11. A method according to Claim 10, further 
comprising the steps of : 

determining if the update of the programmable 
memory was successful; and 
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restoring the contents of the programmable memory 
from the backup copy if the update of the programmable 
memory was not successful . 

12. A method according to Claim 4, wherein the 
update control program further carries out the step of : 

verifying the authenticity of the update of the 
programmable memory if an update of the programmable 
memory is available. 



13. A method according to Claim 12, wherein the 
step of verifying the authenticity of the update 
comprises the step of: 

evaluating at least one certificate in an update 
5 image associated with the available update to determine 

if a valid digital signature is provided with the 
update image . 



14. A method according to Claim 12, wherein the 
step or verifying the authenticity of the update 
comprises the step of determining if a valid digital 
signature is provided with the image by decrypting the 
5 digital signature provided with the image using a 

shared secret . 



15. A method according to Claim 13, wherein the 
step of evaluating at least one certificate comprises 
the steps of : 

decrypting a digital signature of the certificate 
utilizing a public key of a certificate authority 
accessible to the update program; and 
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comparing the decrypted digital signature with a 
precomputed value to determine if the digital signature 
is a valid digital signature associated with the 
certificate authority . 

16. A method according to Claim 15, wherein the 
public key is stored in a non-updateable memory 
associated with the update control program. 

17. A method according to Claim 15, further 
comprising the step of : 

providing the public key of the certificate 
authority in a previous version of data to be stored in 
5 the programmable memory; and 

wherein the step of decrypting a digital signature 
of the certificate utilizing a public key further 
comprises the step of obtaining the public key from the 
programmable memory. 

18. A method according to Claim 12, wherein the 
update includes a plurality of certificates in a 
hierarchy of certificates and wherein the step of 
verifying the authenticity of the update comprises the 

5 step of evaluating certificates of the plurality of 

certificates in an update image to determine if a valid 
digital signature is provided with certificates of the 
plurality of certificates in the update image. 

19. A method according to Claim 18, wherein the 
step of evaluating certificates of the plurality of 
certificates comprises the steps of: 
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decrypting a digital signature of a certificate 
5 utilizing a public key associated with a next -higher 

certificate in the hierarchy; 

comparing the decrypted digital signature with a 
precomputed value to determine if the digital signature 
is a valid digital signature associated with the 
10 certificate; 

obtaining a public key associated with another of 
the digital certificates; 

repeating the steps of decrypting and comparing 
utilizing the obtained public key associated with 
15 another of the digital certificates; and 

wherein the step of obtaining a public key is 
repeated until a public key associated with a last of 
the digital certificates is obtained, and comparing the 
last public key with a predetermined value. 



20. A method according to Claim 12, further 
comprising the steps of: 

obtaining application rules information from an 
extension of at least one certificate associated with 
5 the update ; 

evaluating the rules information obtained from the 
at least one certificate; and 

wherein the step of updating the programmable 
memory comprises the step of selectively updating the 
10 programmable memory based on the evaluation of the 

rules information obtained from the at least one 
certificate . 
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21. A method according to Claim 18 , wherein the 
step of evaluating the rules information comprises the 
step of evaluating at least one of rules information 
associated with a manufacturer of the device, rules 
5 information associated with a brand of the device, 

rules information associated with a software version of 
the device, rules information associated with a license 
authorization of the device or rules information 
~ associated with the individual device. 

M 22 . A system for controlling access to a 

fc g programmable memory of a device, comprising: 

'if- a latch; 

^ a memory controller configured to control read and 

%j 5 write operations to the programmable memory and 

17- operably associated with the latch so as to allow 

y write operations to the programmable memory when the 

latch is in a first state and to prevent write 
operations to the programmable memory when the latch is 
10 in a second state; 

a latch enable circuit configured to set the latch 
to the first state upon detecting a hardware reset of 
the device and set the latch to the second state upon 
completion of a memory update window. 

23. A system according to Claim 22, wherein the 
latch enable circuit comprises: 

a hardware reset circuit which generates a 
hardware reset of the device ; 
5 a processor; and 
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a read only memory operably associated with the 
processor and containing a program utilized to update 
the programmable memory, wherein the program is 
configured to set the latch to the second state. 

24. A system according to Claim 23, wherein the 
processor is configured to execute the program 
contained in the read only memory upon generation of 
the hardware reset of the device . 

25. A system according to Claim 24, wherein the 
program is configured to set the latch to the second 
state upon completion of execution of the program. 

26. A system according to Claim 23, wherein the 
processor comprises a digital signal processor. 

27. A system according to Claim 22, wherein the 
memory controller is further configured to allow read 
operations of the read only memory when the latch is in 
the first state and prevent read operations of the read 

5 on ly memory when the latch is in the second state. 

28. A system according to Claim 27, wherein the 
program is configured to determine if an update of the 
programmable memory is available and to update the 
programmable memory if an update of the programmable 

5 memory is available. 

29. A system according to Claim 28, wherein the 
program is configured to determine if an update of the 
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programmable memory is available by examining at least 
one of a local memory location, a local drive, a 
5 network drive and an input device status to determine 

if an update is available. 

30. A system according to Claim 28, wherein the 
program is configured to determine if an update of the 
programmable is available by examining persistent 
status information . 

31. A system according to Claim 28, wherein the 
program is configured to update the programmable memory 
by obtaining an update image containing update data to 
be written to the programmable memory, obtaining 
installation information from the update image and 
writing the update data to the programmable memory 
based on the installation information obtained from the 
update image . 

32. A system according to Claim 31, wherein the 
installation information comprises an install program 
and wherein the program is configured to execute the 
install program to write the update data to the 
programmable memory . 

33. A system according to Claim 28, wherein the 
program is further configured to load an update image 
into a temporary workspace and update the programmable 
memory from the loaded update image. 
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34. A system according to Claim 28, wherein the 
program is configured to store existing data from the 
programmable memory so as to provide a backup copy of 
the data of the programmable memory. 

35. A system according to Claim 34 , wherein the 
program is further configured to determine if the 
update of the programmable memory was successful and 
restore the contents of the programmable memory from 

^ 5 the backup copy if the update of the programmable 

En memory was not successful. 

f% 36. A system according to Claim 36, wherein the 

sy program is also configured to verify the authenticity 

O of the update of the programmable memory if an update 

y t of the programmable memory is available. 

ru 

O 37. A system according to Claim 36, wherein the 

program is configured to obtain application rules 
information from an extension of at least one 
certificate associated with the update, evaluate the 
5 rules information obtained from a certificate and 

selectively update the programmable memory based on the 
evaluation of the rules information obtained from the 
certificate . 



38. A system according to Claim 36, wherein the 
program is configured to obtain application rules 
information from the update image, evaluate the 
obtained rules information, and selectively update the 
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5 programmable memory based on the evaluation of the 

obtained rules information. 

39. A system for controlling updates of a 
programmable memory of a device, comprising: 

means for providing an update window of predefined 
duration during which the programmable memory may be 
5 updated; and 

means for allowing updates of the programmable 
memory only during the update window. 

40. A system according to Claim 3 9 , wherein the 
means for providing an update window and the means for 
allowing updates, comprise: 

means for allowing access to the programmable 
5 memory based on the state of an access latch; 

means for setting the access latch to allow 
access to the programmable memory after a hardware 
reset of the device; 

means for executing an update control program to 
10 control access to the programmable memory; and 

means for resetting the latch to prevent access to 
the programmable memory upon completion of the update 
control program. 

41. A system according to Claim 40, further 
comprising : 

means for allowing access to a memory where the 
update control program resides when the access latch 
5 allows access to the programmable memory; and 
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means for preventing access to the memory where 
the update control program resides when the access 
latch prevents access to the programmable memory. 

42. A system according to Claim 40, further 
comprising : 

means for determining if an update of the 
programmable memory is available; and 
5 means for updating the programmable memory if an 

update of the programmable memory is available. 

43. A system according to Claim 42, wherein the 
means for determining if an update of the programmable 
memory is available comprises means for examining at 
least one of a local memory location, a local drive, a 

5 network drive and an input device status to determine 

if an update is available. 

44. A system according to Claim 42, wherein the 
means for determining if an update of the programmable 
memory is available comprises means for examining 
persistent status information. 

45. A system according to Claim 42, wherein the 
means for updating the programmable memory comprises: 

means for obtaining an update image associated 
with the available update containing update data to be 
5 written to the programmable memory; 

means for obtaining installation information from 
the update image; and 
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means for writing the update data to the 
programmable memory based on the installation 
10 information obtained from the update image. 

46. A system according to Claim 45, wherein the 
installation information comprises an install program 
and wherein the means for writing the update data to 
the programmable memory based on the installation 
5 information obtained from the update image comprises 

means for executing the install program to write the 
update data to the programmable memory. 



47. A system according to Claim 40, wherein the 
means for updating the programmable memory comprises: 

means for loading an update image associated with 
the available update into a temporary workspace; and 
5 means for updating the programmable memory from 

the loaded update image . 



48. A system according to Claim 40, further 
comprising means for storing existing data from the 
programmable memory so as to provide a backup copy of 
the existing data from the programmable memory. 

49. A system according to Claim 48, further 
comprising : 

means for determining if the update of the 
programmable memory was successful; and 
5 means for restoring the contents of the 

programmable memory from the backup copy if the update 
of the programmable memory was not successful . 
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50. A system according to Claim 40 , further 
comprising means for verifying the authenticity of the 
update of the programmable memory if an update of the 
programmable memory is available. 



51. A system according to Claim 50, wherein the 
means for verifying the authenticity of the update 
comprises means for evaluating at least one certificate 
in update image associated with the available update to 
5 determine if a valid digital signature is provided with 

the update image. 



52. A system according to Claim 50, wherein the 
means for verifying the authenticity of the update 
image comprises means for determining if a valid 
digital signature is provided with the image by 

5 decrypting the digital signature provided with the 

image using a shared secret. 

53. A system according to Claim 51, wherein the 
means for evaluating at least one certificate 
comprises : 

means for decrypting a digital signature of the 
5 certificate utilizing a public key of a certificate 

authority accessible to the update program; and 

means for comparing the decrypted digital 
signature with a precomputed value to determine if the 
digital signature is a valid digital signature 
10 associated with the certificate authority. 
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54. A system according to Claim 53, wherein the 
public key is stored in a non-updateable memory 
associated with the update control program. 



55. A system according to Claim 53, further 
comprising : 

means for providing the public key of the 
certificate authority in a previous version of data to 
5 be stored in the programmable memory; and 

wherein means for decrypting a digital signature 
of the certificate utilizing a public key further 
comprises means for obtaining the public key from the 
programmable memory . 

56. A system according to Claim 51, further 
comprising : 

means for obtaining application rules information 
from an extension of at least one certificate 
5 associated with the update; 

means for evaluating the rules information 
obtained from the at least one certificate; and 

wherein the means for updating the programmable 
memory comprises means for selectively updating the 
10 programmable memory based on the evaluation of the 

rules information obtained from the at least one 
certificate . 



57. A system according to Claim 56, wherein the 
means for evaluating the rules information comprises 
means for evaluating at least one of rules information 
associated with a manufacturer of the device, rules 
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5 information associated with a brand of the device, 

rules information associated with a software version of 
the device, rules information associated with a license 
authorization of the device or rules information 
associated with the individual device. 

58. A method of providing a plurality of devices 
having differing functionality, the method comprising: 

™ providing a plurality of generic processing 

\B devices having hardware suitable to perform at least a 

5 portion of the differing functionality of the plurality 

75 of devices, wherein the generic processing devices also 

j^j have a programmable memory and a read only memory; 

distributing to the plurality of generic 
processing devices, updates to the programmable memory 
10 so as to define the functionality of the generic 

processing devices so as to provide the plurality of 
devices having differing functionality; 

selectively updating the programmable memories of 
the generic processing devices utilizing an update 
15 program provided in the read only memories of the 

generic processing devices which verifies the 
authorization of an update and selectively updates the 
programmable memory based on the verified 
authorization; and 
20 preventing updates of the programmable memories of 

the generic processing devices other than by the update 
program. 

59. A method according to Claim 58, further 
comprising the step of preventing access to the read 
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only memory containing the update program other than 
when an update of the programmable memory of a generic 
5 processing device is being performed. 

60. A method according to Claim 58, wherein the 
generic processing devices further include a digital 
signal processor and wherein the updates of the 
programmable memory provide microcode for controlling 

5 the operation of the digital signal processor. 

61. A method according to Claim 58, wherein the 
step of preventing updates comprises the steps of: 

allowing access to the programmable memory based 
on the state of an access latch; 
5 setting the access latch to allow access to the 

programmable memory after a hardware reset of the 
device ; and 

resetting the latch to prevent access to the 
programmable memory upon completion of the update of a 
10 programmable memory . 

62. A method according to Claim 61, further 
comprising the steps of: 

allowing access to a memory where an update 
control program resides when the access latch allows 
5 access to the programmable memory; and 

preventing access to the memory where the update 
control program resides when the access latch prevents 
access to the programmable memory. 
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63. A method according to Claim 62, wherein the 
update control program further carries out the steps 
of: 

determining if an update of the programmable 
5 memory is available; and 

updating the programmable memory if an update of 
the programmable memory is available. 

64. A method according to Claim 63, wherein the 
step of updating the programmable memory comprises the 
steps of : 

obtaining an update image containing update data 
to be written to the programmable memory; 

obtaining installation information from the update 
image ; 

writing the update data to the programmable memory 
based on the installation information obtained from the 
update image . 

65. A method according to Claim 64, wherein the 
installation information comprises an install program 
and wherein the step of writing the update data to the 
programmable memory based on the installation 

5 information obtained from the update image comprises 

executing the install program to write the update data 
to the programmable memory. 

66. A method according to Claim 63, further 
comprising the step of: 
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verifying the authenticity of an update of the 
programmable memory if an update of the programmable 
memory is available. 

67. A method according to Claim 66, wherein the 
step of verifying the authenticity of the update 
comprises the steps of : 

evaluating at least one certificate in the update 
image to determine if a valid digital signature is 
provided with the image. 

68. A method according to Claim 66, wherein the 
step of verifying the authenticity of the update image 
comprises determining if a valid digital signature is 
provided with the image by decrypting the digital 
signature provided with the image using a shared 
secret . 



69. A method according to Claim 67, wherein the 
step of evaluating at least one certificate comprises 
the steps of : 

5 decrypting a digital signature of the certificate 

utilizing a public key of a certificate authority 
accessible to the update program; and 

comparing the decrypted digital signature with a 
precomputed value to determine if the digital signature 
10 is a valid digital signature associated with the 

certificate authority . 
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70. A method according to Claim 67, wherein the 
public key is stored in a non-updateable memory 

15 associated with the update program. 

71. A method according to Claim 67, further 
comprising the steps of : 

providing the public key of the certificate 
authority in a previous version of data to be stored in 
the programmable memory; and 

wherein the step of decrypting a digital signature 
of the certificate utilizing a public key further 
comprises the step of obtaining the public key from the 
programmable memory . 

72. A method according to Claim 67, wherein the 
update includes a plurality of certificates in a 
hierarchy of certificates and wherein the step of 
verifying the authenticity of the update comprises the 
step of evaluating each of the plurality of 
certificates in the update image to determine if a 
valid digital signature is provided with each 
certificate of the update image. 

73. A method according to Claim 72, wherein the 
step of evaluating each of the digital certificates 
comprises the steps of : 

decrypting a digital signature of a certificate 
5 utilizing a public key associated with a next-higher 

certificate in the hierarchy; 

comparing the decrypted digital signature with a 
precomputed value to determine if the digital signature 
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Is a valid digital signature associated with the 
10 certificate; 

obtaining a public key associated with another of 
the digital certificates; 

repeating the steps of decrypting and comparing 
utilizing the obtained public key associated with 
15 another of the digital certificates; and 

wherein the step of obtaining a public key is 
repeated until a public key associated with a last of 
the digital certificates is obtained. 

74. A method according to Claim 67, further 
comprising the steps of : 

obtaining application rules information from an 
extension of at least one certificate associated with 
5 the update; 

evaluating the rules information obtained from a 
certificate; and 

wherein the step of selectively updating the 
programmable memory comprises the step of selectively 
10 updating the programmable memory based on the 

evaluation of the rules information obtained from the 
certificate . 



75. A method according to Claim 67, further 
comprising the steps of: 

obtaining application rules information from the 
update image; 

5 evaluating the obtained application rules 

Information; and 
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selectively updating the programmable memory based 
on the evaluation of the obtained application rules 
information . 

76. A method according to Claim 74, wherein the 
step of evaluating the rules information comprises the 
step of evaluating at least one of rules information 
associated with a manufacturer of the device, rules 

5 information associated with a brand of the device, 

rules information associated with a software version of 
the device, rules information associated with a license 
authorization of the device or rules, associated with 
the individual device. 

77. A computer program product for controlling 
access to a programmable memory, comprising: 

a computer readable storage media having computer 
readable program code embodied therein, the computer 
5 readable program code comprising: 

computer readable program code which allows access 
to the programmable memory based on the state of an 
access latch; 

computer readable program code which sets the 
10 access latch to allow access to the programmable memory 

after a hardware reset of the device; 

computer readable program code which provides an 
update control program to control access to the 
programmable memory; and 
15 computer readable program code which sets the 

latch to prevent access to the programmable memory upon 
completion of the update control program. 
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78. A system for providing a plurality of devices 
having differing functionality, comprising: 

a plurality of generic processing devices having 
hardware suitable to perform at least a portion of the 
5 differing functionality of the plurality of devices, 

wherein the generic processing devices also have a 
programmable memory and a read only memory; 

means for distributing to the plurality of generic 
processing devices, updates to the programmable memory 
10 so as to define the functionality of the generic 

processing devices so as to provide the plurality of 
devices having differing functionality; 

means for selectively updating the programmable 
memories of the generic processing devices utilizing an 
15 update program provided in the read only memories of 

the generic processing devices which verifies the 
authorization of an update and selectively updates the 
programmable memory based on the verified 
authorization; and 
2 0 means for preventing updates of the programmable 

memories of the generic processing devices other than 
by the update program. 



79. A computer program product for providing 
differing functionality to a plurality of generic 
processing devices having hardware suitable to perform 
at least a portion of the differing functionality of 
5 the plurality of devices, wherein the generic 

processing devices also have a programmable memory and 
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a read only memory, the computer program product 
comprising : 

a computer readable media having computer readable 
10 program code embodied therein, the computer readable 

program code comprising: 

computer program code which distributes to the 
plurality of generic processing devices, updates to the 
programmable memory so as to define the functionality 
15 of the generic processing devices so as to provide the 

plurality of devices having differing functionality; 

computer program code which selectively updates 
the programmable memories of the generic processing 
devices utilizing an update program provided in the 
20 read only memories of the generic processing devices 

which verifies the authorization of an update and 
selectively updates the programmable memory based on 
the verified authorization; and 

computer program code which prevents updates of 
2 5 the programmable memories of the generic processing 

devices other than by the update program. 
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